
Re: Hardware Based Disk Encryption

Subject: Re: Hardware Based Disk Encryption
Date: Sat, 4 Nov 2006 07:07:06 -0600
On 31 Oct 2006 13:52:01 -0000, bsmathers@reypd.com <bsmathers@reypd.com> wrote:
http://www.seagate.com/cda/newsinfo/newsroom/releases/article/0,,2732,00.html

When someone gets a chance to play with one of these, please post.

I have not played with one, but here I am, posting away.

An open and self-contained crypto infrastructure on a hard drive that is "useless" until the BIOS recognizes it with a password key. Reminds me a little of the "locks" some manufacturers have that can be enabled in the BIOS for some drives. Although it is easy to just call up the manufacturer and get the back-door key for locked drives (done many times with basic data recovery jobs or just hook up to another computer and not boot from it), according to Seagate, there is no "back-door" access here. If the key is lost, stolen, or just not available for investigations/recoveries, there will be no way to access/read the FDE (Full-Disk Encryption) drive.

This has actually been around for a while now, as I recall reading about this last year, and the press release is dated June 2005. The feature is invoked when you use a BIOS ATA password, and there are two passwords, a Master and User, configurable for these drives.

There is also functionality for storage/backup of encryption keys on
another device. See fde.seagatestorage.com for a technical brief,
which covers what I have mentioned and more.

Also, it has a "wiping" technique that supposedly can "wipe" a drive in less than a second and be "secure". I would like to know more about this. If anyone has any information, please post. Thanks.

I did not find details on this. However, the technical paper I reference above mentions that when you encrypt one of these drives, there is no initialization process, and if you change your passwords, there is no decryption/encryption process. The drive also states there is no DMA on this drive.

This is pure speculation, but I would guess the password gives you
access to the drive, which has some sort of address translation table
that gets encrypted, and has some built-in routine for wiping this
table, rather than the entire disk. Since there is no DMA, this table
could track where your data is and return zeros for any other
location. That doesn't seem right to me, though. Seems like that's a
lot of complexity for a hard drive firmware. Hopefully someone that
knows more about Seagate drive encryption will post.
